Warning: Permanently added '10.128.0.194' (ED25519) to the list of known hosts.
2025/11/11 04:01:51 parsed 1 programs
[ 66.237646][ T4188] cgroup: Unknown subsys name 'net'
[ 66.376412][ T4188] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 67.937895][ T4188] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 70.621799][ T4227] chnl_net:caif_netlink_parms(): no params data found
[ 70.710781][ T4227] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.717993][ T4227] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.726629][ T4227] device bridge_slave_0 entered promiscuous mode
[ 70.736907][ T4227] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.744584][ T4227] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.752992][ T4227] device bridge_slave_1 entered promiscuous mode
[ 70.784008][ T4227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.798412][ T4227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.832112][ T4227] team0: Port device team_slave_0 added
[ 70.840898][ T4227] team0: Port device team_slave_1 added
[ 70.867781][ T4227] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.876317][ T4227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.903532][ T4227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.917376][ T4227] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.925847][ T4227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 70.953089][ T4227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.994601][ T4227] device hsr_slave_0 entered promiscuous mode
[ 71.002924][ T4227] device hsr_slave_1 entered promiscuous mode
[ 71.149048][ T4227] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.161121][ T4227] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.174518][ T4227] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.184976][ T4227] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.226953][ T4227] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.234364][ T4227] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.242621][ T4227] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.249727][ T4227] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.312757][ T4227] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.324704][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.331266][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.352491][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.364151][ T298] bridge0: port 1(bridge_slave_0) entered disabled state
[ 71.373064][ T298] bridge0: port 2(bridge_slave_1) entered disabled state
[ 71.381905][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 71.396768][ T4227] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.408757][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 71.417359][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.424461][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.437915][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 71.447380][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.454492][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.478265][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 71.487471][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 71.509209][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 71.539508][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 71.550904][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 71.677053][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 71.684632][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 71.697343][ T4227] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 71.717829][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 71.727280][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 71.746869][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 71.756102][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 71.765336][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 71.773886][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 71.783938][ T4227] device veth0_vlan entered promiscuous mode
[ 71.795266][ T4227] device veth1_vlan entered promiscuous mode
[ 71.828318][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 71.836660][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 71.845405][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 71.855241][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 71.866646][ T4227] device veth0_macvtap entered promiscuous mode
[ 71.893306][ T4227] device veth1_macvtap entered promiscuous mode
[ 71.908574][ T4227] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 71.916251][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 71.924548][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 71.933969][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 71.942730][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 71.973220][ T4227] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 71.982349][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 71.992354][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.003556][ T4227] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.012491][ T4227] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.021961][ T4227] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.030961][ T4227] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.090919][ T298] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.099024][ T298] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.121669][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 73.133324][ T3083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 73.142661][ T3083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 73.151871][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/11/11 04:02:02 executed programs: 0
[ 74.146950][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 74.329605][ T4290] chnl_net:caif_netlink_parms(): no params data found
[ 74.372921][ T4290] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.380225][ T4290] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.388042][ T4290] device bridge_slave_0 entered promiscuous mode
[ 74.396544][ T4290] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.403763][ T4290] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.412185][ T4290] device bridge_slave_1 entered promiscuous mode
[ 74.433848][ T4290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.445716][ T4290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.472117][ T4290] team0: Port device team_slave_0 added
[ 74.479432][ T4290] team0: Port device team_slave_1 added
[ 74.500194][ T4290] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.507184][ T4290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.533345][ T4290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.546735][ T4290] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.553767][ T4290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.579880][ T4290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.611800][ T4290] device hsr_slave_0 entered promiscuous mode
[ 74.618580][ T4290] device hsr_slave_1 entered promiscuous mode
[ 74.626706][ T4290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 74.634761][ T4290] Cannot create hsr debugfs directory
[ 76.290868][ T4248] Bluetooth: hci0: command 0x0409 tx timeout
[ 76.848623][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 76.930199][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.009984][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.838572][ T4290] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.847955][ T4290] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.858904][ T4290] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.868158][ T4290] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.943007][ T4290] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.977352][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 77.986245][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.996902][ T4290] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.006547][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 78.016209][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 78.025013][ T298] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.032178][ T298] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.041399][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 78.071073][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 78.079943][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 78.088353][ T298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.095485][ T298] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.106013][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 78.127564][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 78.137938][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 78.150085][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 78.158606][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 78.183245][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 78.194130][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 78.206939][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 78.216335][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 78.227136][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 78.236531][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 78.247536][ T4290] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 78.361674][ T4322] Bluetooth: hci0: command 0x041b tx timeout
[ 78.367979][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 78.376446][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 78.405401][ T4290] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.423602][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 78.433129][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 78.467050][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 78.475695][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 78.484430][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 78.492609][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 78.502964][ T4290] device veth0_vlan entered promiscuous mode
[ 78.532369][ T4290] device veth1_vlan entered promiscuous mode
[ 78.552566][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 78.561147][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 78.569248][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 78.578814][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 78.590854][ T4290] device veth0_macvtap entered promiscuous mode
[ 78.607703][ T4290] device veth1_macvtap entered promiscuous mode
[ 78.633486][ T4290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 78.644326][ T4290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 78.657441][ T4290] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.667531][ T4290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 78.678277][ T4290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 78.689365][ T4290] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.697464][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 78.706153][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 78.714496][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 78.723679][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 78.732879][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 78.741807][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 78.757948][ T4290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.774917][ T4290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.783998][ T4290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.793026][ T4290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.810259][ T9] device hsr_slave_0 left promiscuous mode
[ 78.816813][ T9] device hsr_slave_1 left promiscuous mode
[ 78.823907][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 78.832510][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 78.841502][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 78.848914][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 78.856666][ T9] device bridge_slave_1 left promiscuous mode
[ 78.864035][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.877574][ T9] device bridge_slave_0 left promiscuous mode
[ 78.884223][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.903169][ T9] device veth1_macvtap left promiscuous mode
[ 78.909494][ T9] device veth0_macvtap left promiscuous mode
[ 78.915737][ T9] device veth1_vlan left promiscuous mode
[ 78.921904][ T9] device veth0_vlan left promiscuous mode
[ 79.090896][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 79.107641][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 79.122752][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 79.137360][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 79.196649][ T9] bond0 (unregistering): Released all slaves
[ 79.304250][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.313924][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.339141][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2025/11/11 04:02:07 executed programs: 2
[ 79.365091][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.373352][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.382400][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 79.448601][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[ 79.508461][ T4355] ==================================================================
[ 79.516774][ T4355] BUG: KASAN: use-after-free in ax25_fillin_cb+0x459/0x640
[ 79.524022][ T4355] Read of size 4 at addr ffff888023510638 by task syz.0.19/4355
[ 79.531678][ T4355]
[ 79.534037][ T4355] CPU: 1 PID: 4355 Comm: syz.0.19 Not tainted syzkaller #0
[ 79.541229][ T4355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 79.551303][ T4355] Call Trace:
[ 79.554594][ T4355]
[ 79.557522][ T4355] dump_stack_lvl+0x168/0x230
[ 79.562211][ T4355] ? show_regs_print_info+0x20/0x20
[ 79.567427][ T4355] ? _printk+0xcc/0x110
[ 79.571744][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 79.576615][ T4355] ? load_image+0x3b0/0x3b0
[ 79.581129][ T4355] print_address_description+0x60/0x2d0
[ 79.586672][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 79.591640][ T4355] kasan_report+0xdf/0x130
[ 79.596213][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 79.601068][ T4355] ax25_fillin_cb+0x459/0x640
[ 79.605771][ T4355] ax25_setsockopt+0x8a2/0xa40
[ 79.610548][ T4355] ? ax25_shutdown+0x10/0x10
[ 79.615156][ T4355] ? aa_sock_opt_perm+0x74/0x100
[ 79.620095][ T4355] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 79.625637][ T4355] ? security_socket_setsockopt+0x7a/0xa0
[ 79.631359][ T4355] ? ax25_shutdown+0x10/0x10
[ 79.636064][ T4355] __sys_setsockopt+0x2bf/0x3d0
[ 79.640921][ T4355] __x64_sys_setsockopt+0xb1/0xc0
[ 79.645944][ T4355] do_syscall_64+0x4c/0xa0
[ 79.650638][ T4355] ? clear_bhb_loop+0x30/0x80
[ 79.655330][ T4355] ? clear_bhb_loop+0x30/0x80
[ 79.660107][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.666024][ T4355] RIP: 0033:0x7f1fed42e6c9
[ 79.670470][ T4355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 79.690096][ T4355] RSP: 002b:00007ffc9f4011b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 79.698535][ T4355] RAX: ffffffffffffffda RBX: 00007f1fed684fa0 RCX: 00007f1fed42e6c9
[ 79.706508][ T4355] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000006
[ 79.714480][ T4355] RBP: 00007f1fed4b0f91 R08: 0000000000000010 R09: 0000000000000000
[ 79.722669][ T4355] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 79.730655][ T4355] R13: 00007f1fed684fa0 R14: 00007f1fed684fa0 R15: 0000000000000005
[ 79.738868][ T4355]
[ 79.742019][ T4355]
[ 79.744349][ T4355] Allocated by task 4353:
[ 79.748669][ T4355] __kasan_kmalloc+0xb5/0xf0
[ 79.753311][ T4355] ax25_dev_device_up+0x50/0x580
[ 79.758255][ T4355] ax25_device_event+0x483/0x4f0
[ 79.763218][ T4355] raw_notifier_call_chain+0xcb/0x160
[ 79.768799][ T4355] __dev_notify_flags+0x178/0x2d0
[ 79.773999][ T4355] dev_change_flags+0xe3/0x1a0
[ 79.778851][ T4355] dev_ifsioc+0x147/0xe70
[ 79.783176][ T4355] dev_ioctl+0x55f/0xe50
[ 79.787418][ T4355] sock_do_ioctl+0x222/0x2f0
[ 79.792015][ T4355] sock_ioctl+0x4ed/0x6e0
[ 79.796358][ T4355] __se_sys_ioctl+0xfa/0x170
[ 79.800949][ T4355] do_syscall_64+0x4c/0xa0
[ 79.805366][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.811267][ T4355]
[ 79.813601][ T4355] Freed by task 4354:
[ 79.817569][ T4355] kasan_set_track+0x4b/0x70
[ 79.822160][ T4355] kasan_set_free_info+0x1f/0x40
[ 79.827100][ T4355] ____kasan_slab_free+0xd5/0x110
[ 79.832262][ T4355] slab_free_freelist_hook+0xea/0x170
[ 79.837660][ T4355] kfree+0xef/0x2a0
[ 79.841466][ T4355] ax25_release+0x661/0x870
[ 79.845971][ T4355] sock_close+0xd5/0x240
[ 79.850227][ T4355] __fput+0x234/0x930
[ 79.854226][ T4355] task_work_run+0x125/0x1a0
[ 79.858815][ T4355] exit_to_user_mode_loop+0x10f/0x130
[ 79.864188][ T4355] exit_to_user_mode_prepare+0xee/0x180
[ 79.869736][ T4355] syscall_exit_to_user_mode+0x16/0x40
[ 79.875229][ T4355] do_syscall_64+0x58/0xa0
[ 79.879651][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.885647][ T4355]
[ 79.887994][ T4355] The buggy address belongs to the object at ffff888023510600
[ 79.887994][ T4355] which belongs to the cache kmalloc-192 of size 192
[ 79.902062][ T4355] The buggy address is located 56 bytes inside of
[ 79.902062][ T4355] 192-byte region [ffff888023510600, ffff8880235106c0)
[ 79.915249][ T4355] The buggy address belongs to the page:
[ 79.920971][ T4355] page:ffffea00008d4400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x23510
[ 79.931126][ T4355] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 79.938689][ T4355] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff888016841a00
[ 79.947292][ T4355] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 79.955870][ T4355] page dumped because: kasan: bad access detected
[ 79.962297][ T4355] page_owner tracks the page as allocated
[ 79.968016][ T4355] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4290, ts 79426033163, free_ts 79425849975
[ 79.984268][ T4355] get_page_from_freelist+0x1b77/0x1c60
[ 79.989837][ T4355] __alloc_pages+0x1e1/0x470
[ 79.994442][ T4355] new_slab+0xb6/0x4b0
[ 79.998514][ T4355] ___slab_alloc+0x81e/0xdf0
[ 80.003098][ T4355] __kmalloc_node+0x200/0x3b0
[ 80.007771][ T4355] memcg_alloc_page_obj_cgroups+0x81/0x120
[ 80.013584][ T4355] new_slab+0x100/0x4b0
[ 80.017747][ T4355] ___slab_alloc+0x81e/0xdf0
[ 80.022333][ T4355] kmem_cache_alloc+0x195/0x290
[ 80.027185][ T4355] sock_alloc_inode+0x17/0xb0
[ 80.031866][ T4355] new_inode_pseudo+0x5f/0x210
[ 80.036763][ T4355] __sock_create+0x129/0x900
[ 80.041357][ T4355] __sys_socket+0xe2/0x170
[ 80.045796][ T4355] __x64_sys_socket+0x76/0x80
[ 80.050492][ T4355] do_syscall_64+0x4c/0xa0
[ 80.054920][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 80.060897][ T4355] page last free stack trace:
[ 80.065581][ T4355] free_unref_page_prepare+0x637/0x6c0
[ 80.071054][ T4355] free_unref_page+0x94/0x280
[ 80.075755][ T4355] __vunmap+0x8ab/0xa40
[ 80.079944][ T4355] do_ipt_get_ctl+0xe07/0x1070
[ 80.084783][ T4355] nf_getsockopt+0x25e/0x280
[ 80.089379][ T4355] ip_getsockopt+0x115a/0x1590
[ 80.094146][ T4355] tcp_getsockopt+0x1e3/0x2390
[ 80.098916][ T4355] __sys_getsockopt+0x1b0/0x230
[ 80.103783][ T4355] __x64_sys_getsockopt+0xb1/0xc0
[ 80.108893][ T4355] do_syscall_64+0x4c/0xa0
[ 80.113309][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 80.119205][ T4355]
[ 80.121526][ T4355] Memory state around the buggy address:
[ 80.127149][ T4355] ffff888023510500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 80.135210][ T4355] ffff888023510580: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[ 80.143270][ T4355] >ffff888023510600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 80.151333][ T4355] ^
[ 80.157229][ T4355] ffff888023510680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 80.165296][ T4355] ffff888023510700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 80.173353][ T4355] ==================================================================
[ 80.181509][ T4355] Disabling lock debugging due to kernel taint
[ 80.191907][ T4355] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 80.199162][ T4355] CPU: 1 PID: 4355 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 80.207765][ T4355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 80.217830][ T4355] Call Trace:
[ 80.221198][ T4355]
[ 80.224136][ T4355] dump_stack_lvl+0x168/0x230
[ 80.228857][ T4355] ? show_regs_print_info+0x20/0x20
[ 80.234058][ T4355] ? load_image+0x3b0/0x3b0
[ 80.238659][ T4355] panic+0x2c9/0x7f0
[ 80.242569][ T4355] ? bpf_jit_dump+0xd0/0xd0
[ 80.247075][ T4355] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 80.253049][ T4355] ? _raw_spin_unlock+0x40/0x40
[ 80.257896][ T4355] ? print_memory_metadata+0x314/0x400
[ 80.263353][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 80.268200][ T4355] check_panic_on_warn+0x80/0xa0
[ 80.273134][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 80.278004][ T4355] end_report+0x6d/0xf0
[ 80.282166][ T4355] kasan_report+0x102/0x130
[ 80.286700][ T4355] ? ax25_fillin_cb+0x459/0x640
[ 80.291549][ T4355] ax25_fillin_cb+0x459/0x640
[ 80.296221][ T4355] ax25_setsockopt+0x8a2/0xa40
[ 80.301070][ T4355] ? ax25_shutdown+0x10/0x10
[ 80.305660][ T4355] ? aa_sock_opt_perm+0x74/0x100
[ 80.310596][ T4355] ? bpf_lsm_socket_setsockopt+0x5/0x10
[ 80.316137][ T4355] ? security_socket_setsockopt+0x7a/0xa0
[ 80.321857][ T4355] ? ax25_shutdown+0x10/0x10
[ 80.326453][ T4355] __sys_setsockopt+0x2bf/0x3d0
[ 80.331400][ T4355] __x64_sys_setsockopt+0xb1/0xc0
[ 80.336430][ T4355] do_syscall_64+0x4c/0xa0
[ 80.340863][ T4355] ? clear_bhb_loop+0x30/0x80
[ 80.345640][ T4355] ? clear_bhb_loop+0x30/0x80
[ 80.350318][ T4355] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 80.356309][ T4355] RIP: 0033:0x7f1fed42e6c9
[ 80.360728][ T4355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 80.380355][ T4355] RSP: 002b:00007ffc9f4011b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 80.388787][ T4355] RAX: ffffffffffffffda RBX: 00007f1fed684fa0 RCX: 00007f1fed42e6c9
[ 80.396761][ T4355] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000006
[ 80.404732][ T4355] RBP: 00007f1fed4b0f91 R08: 0000000000000010 R09: 0000000000000000
[ 80.412700][ T4355] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 80.420756][ T4355] R13: 00007f1fed684fa0 R14: 00007f1fed684fa0 R15: 0000000000000005
[ 80.428748][ T4355]
[ 80.432073][ T4355] Kernel Offset: disabled
[ 80.436415][ T4355] Rebooting in 86400 seconds..